From 83937d7368d23e645de8f791e39148129a7392c8 Mon Sep 17 00:00:00 2001
From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
Date: Wed, 1 Jun 2022 02:06:00 -0500
Subject: user/py3-pillow: [CVE] Update to 9.1.1

Release 6 was not compatible with Python 3.10 and causing segfaults.
Fixes: #612
---
 user/py3-pillow/APKBUILD | 36 +++++++++++++++++++++++++++++++++---
 1 file changed, 33 insertions(+), 3 deletions(-)

(limited to 'user')

diff --git a/user/py3-pillow/APKBUILD b/user/py3-pillow/APKBUILD
index bb4878256..aed901aae 100644
--- a/user/py3-pillow/APKBUILD
+++ b/user/py3-pillow/APKBUILD
@@ -4,13 +4,13 @@ pkgname=py3-pillow
 _pkgname=Pillow
 _p="${_pkgname#?}"
 _p="${_pkgname%"$_p"}"
-pkgver=6.2.2
+pkgver=9.1.1
 pkgrel=0
 pkgdesc="A Python Imaging Library"
 url="https://pypi.org/project/Pillow"
 arch="all"
 # Certified net clean
-license="Custom"
+license="HPND"
 depends="py3-olefile python3"
 makedepends="python3-dev freetype-dev libjpeg-turbo-dev libwebp-dev
 	tiff-dev libpng-dev lcms2-dev openjpeg-dev zlib-dev"
@@ -21,6 +21,36 @@ source="$pkgname-$pkgver.tar.gz::https://files.pythonhosted.org/packages/source/
 builddir="$srcdir/$_pkgname-$pkgver"
 
 # secfixes: pillow
+#   9.1.1-r0:
+#     - CVE-2020-10177
+#     - CVE-2020-10378
+#     - CVE-2020-10379
+#     - CVE-2020-10994
+#     - CVE-2020-11538
+#     - CVE-2020-35653
+#     - CVE-2020-35654
+#     - CVE-2020-35655
+#     - CVE-2021-23437
+#     - CVE-2021-25287
+#     - CVE-2021-25288
+#     - CVE-2021-25289
+#     - CVE-2021-25290
+#     - CVE-2021-25291
+#     - CVE-2021-25292
+#     - CVE-2021-25293
+#     - CVE-2021-27921
+#     - CVE-2021-27922
+#     - CVE-2021-27923
+#     - CVE-2021-28675
+#     - CVE-2021-28676
+#     - CVE-2021-28677
+#     - CVE-2021-28678
+#     - CVE-2021-34552
+#     - CVE-2022-22815
+#     - CVE-2022-22816
+#     - CVE-2022-22817
+#     - CVE-2022-24303
+#     - CVE-2022-30595
 #   6.2.2-r0:
 #     - CVE-2019-19911
 #     - CVE-2020-5310
@@ -57,5 +87,5 @@ doc() {
 	install -Dm644 "$builddir"/LICENSE "$subpkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
 
-sha512sums="517c971d4fb23a47466a7e8326c8c29291f7832d4521001c1898d6223ea25d4b0a8b7c8f7e78dd706f421229a8261b558b9fbdc43e47a0a2a7b2b4bbc1a21eff  py3-pillow-6.2.2.tar.gz
+sha512sums="5fbb94cb3046c002e996f61bfbfaca0b30e9e068aa7ab13083cd2ff8c3e9cc18c5aab04ecc3de5a83eb985186f90dacbd42bad1905b0e89f0e34238af54b304e  py3-pillow-9.1.1.tar.gz
 c01e83a7cef6653a33f60acbcbc737f0d40ff0dbc792ce0b2ce52f21092d3071845830fa0f64b27a1c5e679c53df57e0ec2e89867ee717f938d4e6f19db77790  py3-pillow-scripts-b24479c.tar.gz"
-- 
cgit v1.2.3-70-g09d2